)]}' { "log": [ { "commit": "a90d70916791302382bf3bc6d17fbcff945518c6", "tree": "694839562d3bcd3839e5bfd3d3bf5fbe55d139ef", "parents": [ "8e84384bebe3b215a8f28f734f8227f71f737c6c" ], "author": { "name": "Marc-Antoine Ruel", "email": "maruel@google.com", "time": "Tue Aug 25 08:33:21 2020 -0400" }, "committer": { "name": "Marc-Antoine Ruel", "email": "maruel@google.com", "time": "Wed Aug 26 17:54:57 2020 +0000" }, "message": "Add minimal go.mod\n\nSince it\u0027s a fork, there isn\u0027t much else to do. This will enable the use of a\nreplace statement in fuchsia.git\u0027s go.mod files.\n\nBug: 58804\nChange-Id: I055c49f4a6b6ed181bb8774abfc9f28f4375c894\nReviewed-on: https://fuchsia-review.googlesource.com/c/third_party/go-tuf/+/420456\nReviewed-by: Erick Tryzelaar \u003cetryzelaar@google.com\u003e\n" }, { "commit": "8e84384bebe3b215a8f28f734f8227f71f737c6c", "tree": "e7df2ecdf9a86e4af07f8e5334b28f142ef986cc", "parents": [ "129ce308c6e2d311b1a078f7a02746eacddf39c1" ], "author": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Tue Dec 10 15:09:48 2019 -0800" }, "committer": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Tue Dec 10 15:57:55 2019 -0800" }, "message": "Copy PrivateKey fields to Signers\n\nIn order for Signers to produce the same key ids as\n`PrivateKey.PublicData.IDs()`, we need to make sure we copy the exact\nvalues for `Type`, `Scheme`, and `Algorithms`.\n\nChange-Id: I6546481c9c03e3ff05db7c0375f32c3803d825c8\n" }, { "commit": "129ce308c6e2d311b1a078f7a02746eacddf39c1", "tree": "7ae315919b6d2d9b8f265ae7050d2abebe6061a5", "parents": [ "4ca61693fd6e578dff5770b2a46072beca7d626f" ], "author": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Fri May 31 13:41:43 2019 -0700" }, "committer": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Fri Nov 22 15:42:01 2019 -0800" }, "message": "Stop generating TUF 0.9 prefixed metadata and target files\n\nTUF-1.0 no longer needs metadata files to be stored prefixed with the\nfile\u0027s hash. It only requires the version number.\n\nThis drops support for parsing M0 metadata, which only generated\nhash-prefixed target files.\n\nChange-Id: I002e344f0d381941d29b4ba409382fc8d5932f27\n" }, { "commit": "4ca61693fd6e578dff5770b2a46072beca7d626f", "tree": "f648bc5d1db660e02b17625a354899359a314861", "parents": [ "ed8d70c769d355f919e0c7b16ecef5eab11b4d54" ], "author": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Wed Nov 20 16:28:48 2019 -0800" }, "committer": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Fri Nov 22 15:41:57 2019 -0800" }, "message": "add sha512 to keyid_hash_algorithms\n\nThis allows go-tuf to generate identical metadata to python-tuf v0.11.1.\n\nChange-Id: Ib378c420973f99e1035eb8f6943c1e3bddc00f30\n" }, { "commit": "ed8d70c769d355f919e0c7b16ecef5eab11b4d54", "tree": "72f0b00db39ce6f321c499b0ee5d2292fb2aadf5", "parents": [ "5527feb6040bc316ea6553f3c5fef0070d2e1be0" ], "author": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Wed Nov 20 08:22:12 2019 -0800" }, "committer": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Wed Nov 20 08:22:12 2019 -0800" }, "message": "Remove invalid comment\n\nThe TUF 1.0 Spec does not specify how libraries should handle private keys,\nso the PrivateKeyValue.Private field is irrelevant for the TUF-1.0\nmigration.\n\nChange-Id: I69f32fb6f30ea2156abdffe4c6e48bf805295c56\n" }, { "commit": "5527feb6040bc316ea6553f3c5fef0070d2e1be0", "tree": "7bb1cd37b7ddfaef6338866310cdce17d407eb2c", "parents": [ "f4a3bb737a281554a9241f4a8289e2d2564cee83" ], "author": { "name": "Joshua Seaton", "email": "joshuaseaton@google.com", "time": "Wed Nov 06 17:22:00 2019 -0800" }, "committer": { "name": "Joshua Seaton", "email": "joshuaseaton@google.com", "time": "Fri Nov 08 14:44:53 2019 -0800" }, "message": "Update Root.UniqueKeys() to index by particular role\n\n* We originally added this method - and have no known uses currently in\nthe tree.\n* The updated logic is convenient, as it is a common calculation to find\nthe unique root keys corresponding to the \"root\" role alone.\n\nTest: repo_tests were updated - and pass.\n\nChange-Id: If2e74187d13eb85d965c843bdf4296b2c76b046a\n" }, { "commit": "f4a3bb737a281554a9241f4a8289e2d2564cee83", "tree": "4bc31d9389c97187bb10f8e04250afc683d1513a", "parents": [ "18d53fac435387cee317153f41a9ab4c8a7e8945" ], "author": { "name": "Dan Johnson", "email": "computerdruid@google.com", "time": "Fri Nov 01 12:26:44 2019 -0700" }, "committer": { "name": "Dan Johnson", "email": "computerdruid@google.com", "time": "Fri Nov 01 19:51:33 2019 +0000" }, "message": "fix flake in EncryptedSuite.TestTamperedRoundtrip\n\nIf we get really unlucky the encrypted bytes already start with 0x0000\nso the tampering fails.\n\nChange-Id: I66581683e1bb1548a3ac87dd8a499be02800ee1a\n" }, { "commit": "18d53fac435387cee317153f41a9ab4c8a7e8945", "tree": "69acb6f8c871ca960d1e32cc64ead21e8d9e8869", "parents": [ "f74a88347a2a3a43d5155864d66d3ea6b3b9a71c" ], "author": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Tue Sep 24 22:30:36 2019 -0700" }, "committer": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Thu Oct 03 10:37:11 2019 -0700" }, "message": "Regenerate go-tuf-transitional-M4 metadata\n\nThis incorporates all the recent metadata changes:\n\n* metadata is pretty printed\n* test now no longer saves keys, and rotates all the keys\n* ignores duplicate key ids\n* metadata is now canonicalized\n* uses shared keys\n* `keyid_hash_algorithm` switched to `[\"sha256\"]`\n* fixed `consistent-snapshot-false` to actually turn off consistent\n snapshot\n* stops generating hash-prefixed metadata, and versioned-prefixed target\n files\n\nChange-Id: I3cd17e9886f51882d287fe1e1fe76df163942b67\n" }, { "commit": "f74a88347a2a3a43d5155864d66d3ea6b3b9a71c", "tree": "67e1c834ac9cb521463aa13a8c40d0bdc3e1dddc", "parents": [ "c21d33643fa12906814060657663fc0105aa50b0" ], "author": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Tue Sep 24 20:01:20 2019 -0700" }, "committer": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Wed Oct 02 11:02:59 2019 -0700" }, "message": "Repo should canonicalize metadata\n\nThis makes sure the metadata is in a consistent order to make it easier\nto review changes over times. First, it switches to using cjson to make\nsure the map keys are in order, and strings are canonicalized. However\nthis doesn\u0027t sort the arrays in the metadata, since that would change the\nsignatures.\n\nChange-Id: Id135900d6618bf532e368810e7207485f0fa933e\n" }, { "commit": "c21d33643fa12906814060657663fc0105aa50b0", "tree": "5aa9d1adf629c1a8babf03c1eac7e941c09a5e0c", "parents": [ "e24c8733cd2c0516c01a21245d6e0a69ae4d078c" ], "author": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Thu Sep 19 09:14:43 2019 -0700" }, "committer": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Tue Sep 24 20:49:13 2019 -0700" }, "message": "Add test to make sure go-tuf interop data doesn\u0027t change\n\nThis is a test that makes sure that the metadata produced by go-tuf\ncannot change out from under it without this metadata from being\nregenerated. It does this by turning the generator script into a\nlibrary, and then doing a diff between the snapshotted metadata\nand the one we just generated.\n\nChange-Id: I3449bc000f77be6495e3198a786693eef40e446c\n" }, { "commit": "e24c8733cd2c0516c01a21245d6e0a69ae4d078c", "tree": "ef79568419d73021e0ec06b097da16d9e1aec6ad", "parents": [ "94664450709f5ff9782e34a8d9ae21ab2428dacd" ], "author": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Wed Sep 18 18:17:04 2019 -0700" }, "committer": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Tue Sep 24 20:08:50 2019 -0700" }, "message": "Add go-tuf HEAD interop metadata\n\nThis is the initial step towards having a test that validates if a go-tuf\nchange modifies the interop metadata. It currently is just a copy of the\n`go-tuf-transitional-M3` metadata to simplify review.\n\nChange-Id: I59b8fc0717e3f86c26eca95cddefbbef783d57ba\n" }, { "commit": "94664450709f5ff9782e34a8d9ae21ab2428dacd", "tree": "1f1906e1fe34e07ce38a12c5f297f6dbec66f362", "parents": [ "71ec595ee9334f85a608171655858a682ed53672" ], "author": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Tue Sep 24 15:38:28 2019 -0700" }, "committer": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Tue Sep 24 20:05:54 2019 -0700" }, "message": "Update go-tuf-transition-M3 to rotate all keys\n\nChange-Id: Ic721537eaf0af44274ecbdc5dda833d0443c2610\n" }, { "commit": "71ec595ee9334f85a608171655858a682ed53672", "tree": "b51a08d19aab77c2c3d81d3e154c7a4181b75d90", "parents": [ "49feb77f44889cfb715a63426f4b08f55e778d8f" ], "author": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Wed Sep 18 15:49:24 2019 -0700" }, "committer": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Tue Sep 24 20:02:37 2019 -0700" }, "message": "Remove go-tuf interop keys/ dir\n\nThis simplifies tests so we don\u0027t need an intermediate step to filter\nout keys.\n\nChange-Id: I80b6009c979ab595f5caac08455d5d3af699cc4a\n" }, { "commit": "49feb77f44889cfb715a63426f4b08f55e778d8f", "tree": "22167a2d99720019451090b046474d28993a5a1e", "parents": [ "db8ab70308e55d222a32d194982cfe6a591d3b2e" ], "author": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Tue Sep 24 13:59:12 2019 -0700" }, "committer": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Tue Sep 24 15:22:36 2019 -0700" }, "message": "Repo.AddPrivateKey shouldn\u0027t bump version if keys don\u0027t change\n\nChange-Id: I8cb0f03a2dc73c00c66eecc9782c7e8e779b0406\n" }, { "commit": "db8ab70308e55d222a32d194982cfe6a591d3b2e", "tree": "ecc5e8b2b7acf8a475eef1f67d87fa43907ccc0c", "parents": [ "ef9b127b904f1a035c37b723784597dcf6b95e8d" ], "author": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Mon Sep 23 16:47:58 2019 -0700" }, "committer": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Mon Sep 23 16:47:58 2019 -0700" }, "message": "Roles should ignore duplicate key ids\n\nChange-Id: I750c6fca739f9adfeefba4d31adcdaa99a06576d\n" }, { "commit": "ef9b127b904f1a035c37b723784597dcf6b95e8d", "tree": "aab752e21bd0038bf4f09ade31e2d4f9e1965eeb", "parents": [ "940f4c5d6f1c6246cf97435b8d677d730a004f75" ], "author": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Tue Aug 13 17:11:02 2019 -0700" }, "committer": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Wed Sep 18 13:55:04 2019 -0700" }, "message": "Rewrite interop to not care about number of steps\n\nWe\u0027ll soon be adding python-tuf interop tests. They don\u0027t need to\npersist keys to disk, and therefore don\u0027t need a step to filter out old\nkeys. This changes the interop test to process all the steps in\nthe directories. In addition, the root keys are now no longer parsed\ndirectly from the go-tuf keys directory, but instead they are just\nextracted directly from the test repository\u0027s root.json.\n\nFinally, the `generateRepoFS` helper function has been moved to\nclient_test.go since it\u0027s no longer used in interop_test.go.\n\nChange-Id: I775065850daf511ffeb1bb38d9f6fa012b9f8e56\n" }, { "commit": "940f4c5d6f1c6246cf97435b8d677d730a004f75", "tree": "5980ada2e546688ba5538db952561a23deb87eec", "parents": [ "50e65d28ef2cb239371bb5130a91e5dc7fa13614" ], "author": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Tue Sep 17 10:06:28 2019 -0700" }, "committer": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Tue Sep 17 16:17:51 2019 -0700" }, "message": "Regenerate M3 test metadata\n\nThis regenerates metadata produced by\n17c614ed7d68df0ea82e6c3e687a8933c4f7de85.\n\nChange-Id: I915c55d5da314283b597df0c2d24a9078c531b0c\n" }, { "commit": "50e65d28ef2cb239371bb5130a91e5dc7fa13614", "tree": "070c673ff15a97dd57a9c3c80fecab255d0c7d5a", "parents": [ "cad971bb9d015d1cb4231d5b463090925c655517" ], "author": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Tue Sep 17 15:51:24 2019 -0700" }, "committer": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Tue Sep 17 16:16:02 2019 -0700" }, "message": "Rewrite go-tuf generate scripts to use shared keys\n\nChange-Id: Ic9f3cafdc5c3ba98416b3610201f1f53c3f4c763\n" }, { "commit": "cad971bb9d015d1cb4231d5b463090925c655517", "tree": "e29ac937cde932491a3e2b3036059dc8b07672c0", "parents": [ "b1ed9a094c13a66e13c494e66f6467055b8e6755" ], "author": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Fri Sep 13 10:02:51 2019 -0700" }, "committer": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Tue Sep 17 16:16:02 2019 -0700" }, "message": "Add tools to simplify creating conformance metadata\n\nThis adds two new tools to the conformance test suite:\n\n* `gen-keys.go`: Previously we would generate new unique keys for each\n batch of metadata. This means that every time we regenerate metadata,\n the public keys and signatures change, even if the underlying metadata\n didn\u0027t change. `gen-keys.go` is just a script that generates a bunch\n of keys, which can be used by the generator scripts to make the\n metadata more consistent.\n\n* `linkify-metadata.go`: There is a lot of redundancy between each stage\n of the conformance suite, which complicates reviews. This tool removes\n a lot of this redundancy by identifying duplicate metadata and replacing\n it with symlinks to the old data.\n\nChange-Id: If1a6c41422b0a0f846991f27884a7b372d3072cb\n" }, { "commit": "b1ed9a094c13a66e13c494e66f6467055b8e6755", "tree": "dfe90fbb2ef7b175983e72cdf75e1487ff8e2ce6", "parents": [ "f114624f2e1100b42418939ab5f0c44b9fe2587a" ], "author": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Tue Sep 17 09:52:42 2019 -0700" }, "committer": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Tue Sep 17 15:51:18 2019 -0700" }, "message": "Drop M{0,1,2} test metadata\n\nIt\u0027s been a sufficiently long time, so we don\u0027t need to keep the old\nmetadata conformance test data around anymore.\n\nChange-Id: I2205a0d64ba0bd36a0c4d72253d9a77d0aa9c79c\n" }, { "commit": "f114624f2e1100b42418939ab5f0c44b9fe2587a", "tree": "07725815b8776d12feee12fae7fd5a317dc3e639", "parents": [ "36b0674a26e71185904ee36c6e77ab355c34456a" ], "author": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Tue Sep 17 09:46:34 2019 -0700" }, "committer": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Tue Sep 17 15:49:09 2019 -0700" }, "message": "Allow externally created keys to be added to a repo\n\nThis allow repositories to be initialized with keys created outside of\nthe go-tuf.Repo library. This is especially useful for the conformance\nsuite, since we want to reuse the keys in order to generate consisistent\nfiles.\n\nChange-Id: I9d32e72f6015a63de79a072a48c02569e5dad045\n" }, { "commit": "36b0674a26e71185904ee36c6e77ab355c34456a", "tree": "6c1f1cf7bc7f5fb49b7cc269236e16fa873bb720", "parents": [ "0909416bce24183de48f88186fe29834e5bf4357" ], "author": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Tue Sep 17 09:32:01 2019 -0700" }, "committer": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Tue Sep 17 12:06:48 2019 -0700" }, "message": "Allow Repo to pretty-print metadata\n\nThis makes it easier to review metadata by a human.\n\nChange-Id: I1f73f544dc2043fb57e864dbab7adac40cd63292\n" }, { "commit": "0909416bce24183de48f88186fe29834e5bf4357", "tree": "32b6bebb3eb3d597548759c46aba257bbe66473e", "parents": [ "17c614ed7d68df0ea82e6c3e687a8933c4f7de85" ], "author": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Fri May 31 13:54:14 2019 -0700" }, "committer": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Wed Aug 14 08:40:05 2019 -0700" }, "message": "TUF-1.0 requires the version number in snapshots\n\nChange-Id: Ibcacf90c8075ff45c2e04fded869bad471c4c6af\n" }, { "commit": "17c614ed7d68df0ea82e6c3e687a8933c4f7de85", "tree": "96939fab53aa3723be1030da12f0c539cca1a94a", "parents": [ "2e17f059866ed7874f152b7b1407e0402577555e" ], "author": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Wed Apr 10 16:04:25 2019 -0700" }, "committer": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Tue Jun 11 10:50:10 2019 -0700" }, "message": "G3: Generate TUF 1.0 metadata\n\nThis patch completes the transition to generating TUF 1.0 compatible\nmetadata, which entails lowercasing the \"_type\" field, and advancing\nthe \"spec_version\" to \"1.0\".\n\nNote: While go-tuf is producing TUF 1.0 metadata, it does not yet\nimplement the TUF 1.0 workflow.\n\nChange-Id: I6a5f2d38f41668d217add56a1314080d26e12cac\n" }, { "commit": "2e17f059866ed7874f152b7b1407e0402577555e", "tree": "fbde6ce9701344713e1244af1c82dca77fa63222", "parents": [ "5ab807c158d419e64eb3883a4abbffe227cdfec8" ], "author": { "name": "James Tucker", "email": "raggi@google.com", "time": "Fri Jun 07 17:23:47 2019 -0700" }, "committer": { "name": "James Tucker", "email": "raggi@google.com", "time": "Fri Jun 07 17:23:47 2019 -0700" }, "message": "[g2] remove \u003cg2 targets from json\n\nWhen g1.5 reads g2 manifests, it picks a target that matches based on map\niteration order, which is poorly defined behavior.\n\nChange-Id: I0378aaba3e5d818dc9d2ee3fe0138cf7de1186fc\n" }, { "commit": "5ab807c158d419e64eb3883a4abbffe227cdfec8", "tree": "42eef672cfce5820d1587b91db3fdfe835d8387b", "parents": [ "6d321f5c9956806e46e168e3fb3f4a07a88a996d" ], "author": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Tue Apr 16 08:41:09 2019 -0700" }, "committer": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Tue May 21 16:36:46 2019 -0700" }, "message": "G2: support both TUF 0.9 and 1.0 key ids\n\nThis extends go-tuf to return both the TUF-0.9 style key ids\n(which contain the key type and the key value), and the TUF-1.0\nkey ids (which also contains the signing sheme). This results\nin doubling the key ids in metadata, and doubling the number of\nsignatures signing the metadata. The signed metadata just reuses\nthe signature for both key ids, because hasn\u0027t changed.\n\nNote that this adds support for parsing go-tuf 1.0 metadata, since it\ncan parse TUF 1.0 keyids.\n\nChange-Id: I6eb5dd9420696916924db87d0cd913d311ca6526\n" }, { "commit": "6d321f5c9956806e46e168e3fb3f4a07a88a996d", "tree": "65a87f4ecd95d344874dbc3c08f08f6241f028ff", "parents": [ "da3a537208685d6501b4931817d36fe00c4c9c35" ], "author": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Tue Apr 09 21:22:31 2019 -0700" }, "committer": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Tue May 21 16:36:44 2019 -0700" }, "message": "Remove support for leading path separators in targets\n\nTUF 1.0 is considering banning leading path separators, because\nof poor behavior constructing paths across targets and delegates\non local filesystems for certain libraries, like python, where\n`os.path.join(\"/foo\", \"/bar\")` just returns \"/bar\". This patch\nmigrates go-tuf to using and generating metadata without that\nleading separator. However, it temporarily enables consuming\nmetadata with separators to enable a rolling upgrade to 1.0.\n\nChange-Id: Ib7331ecb560fa85098fab6aef8815154905b79f1\n" }, { "commit": "da3a537208685d6501b4931817d36fe00c4c9c35", "tree": "d1e2d447c0f942a9bf240561f84df65ada85589f", "parents": [ "37471556606ddf5aea25053b3593f9b153d5f0f7" ], "author": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Tue May 21 15:12:09 2019 -0700" }, "committer": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Tue May 21 16:35:58 2019 -0700" }, "message": "G1.5: Add method to fetch the metadata for a specific target\n\nThis allows clients of go-tuf to be portable before and after\nremoving the leading path separator from target paths.\n\nChange-Id: I264b9e4da0a83523e6cf9e5af3ed9c3332bdba2f\n" }, { "commit": "37471556606ddf5aea25053b3593f9b153d5f0f7", "tree": "708cf91d1f2efd8cd2a5e98f5b35c5faac695a48", "parents": [ "83f1828acca76fa142bb0ff454e6cb37a58afa78" ], "author": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Sat Apr 13 11:52:14 2019 -0700" }, "committer": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Mon Apr 22 10:12:53 2019 -0700" }, "message": "G1: Parse TUF-1.0 key ids if present\n\nTo ease transition to TUF-1.0, this patch allows go-tuf to both\nconsume TUF-0.9 and TUF-1.0 metadata, but produce TUF-0.9 metadata\nthat\u0027s still compatible with the original go-tuf 0.9. It does\nthis by defaulting to generating TUF-0.9 key ids, but if go-tuf\nreceives metadata produced by TUF-1.0, it will parse out both\nthe 0.9 and 1.0 key ids.\n\nNote that it is only safe for this version of go-tuf to produce\nTUF-0.9 metadata based off of other TUF-0.9 metadata. It will produce\nincorrect metadata or error out if it is used to advance TUF-1.0\nmetadata.\n\nChange-Id: I87fffdc17a5456f7e04f990fbd2a0e060340125a\n" }, { "commit": "83f1828acca76fa142bb0ff454e6cb37a58afa78", "tree": "c3a90e5bb1a1474ad85fa8c58273cd96ca9b4244", "parents": [ "af750460bcbc637475c2ab698f72f9682794d662" ], "author": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Fri Apr 19 08:59:54 2019 -0700" }, "committer": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Fri Apr 19 16:54:00 2019 -0700" }, "message": "Repo should atomically write metadata to disk\n\nBug: PKG-619 #done\nChange-Id: Ibe8ded0e7bbe862271362194acc035ce4eca72ab\n" }, { "commit": "af750460bcbc637475c2ab698f72f9682794d662", "tree": "34931bbae24829b556c27791e0f2d160b66a32ad", "parents": [ "fa3b0ccccd68b8ce227092cfa69848eecaf97e9c" ], "author": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Tue Apr 16 10:47:20 2019 -0700" }, "committer": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Fri Apr 19 16:31:51 2019 -0700" }, "message": "Only consider the count of valid keys to verify thresholds\n\nSince keys can now contain multiple key ids, we need to protect\nagainst metadata being signed multiple times with the same key,\nonly differentiating the signature by the key id. This protects\nus from an attacker that steals one key, but go-tuf would count\nit N times, where N is the number of key ids.\n\nChange-Id: I8db285a3f8d6610c772cd7120f69fb118513000a\n" }, { "commit": "fa3b0ccccd68b8ce227092cfa69848eecaf97e9c", "tree": "7cb4a2d4e06a7efa2b0c4207f3fe66a4e7358df4", "parents": [ "68099eb5f547eda25a9a7a4505da4cebd70556b4" ], "author": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Wed Apr 10 21:31:07 2019 -0700" }, "committer": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Fri Apr 19 16:31:51 2019 -0700" }, "message": "Factor python tests into a package\n\nIn order to facilitate testing go-tuf inside fuchsia, this factors\nout the python tests, which have dependencies both on git and\npython into a subpackage so they can be excluded from the test\nsuite.\n\nChange-Id: Ieba19919dc5f8b3fb4f3571317008ac5e21c2322\n" }, { "commit": "68099eb5f547eda25a9a7a4505da4cebd70556b4", "tree": "a46954b64f234f20676368e4560c04ccd6dda05f", "parents": [ "a9469e9c68ad9981ad6790bdd149efa818cbadc9" ], "author": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Tue Apr 09 21:22:19 2019 -0700" }, "committer": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Fri Apr 19 16:31:51 2019 -0700" }, "message": "Partially Revert \"Remove support for leading path separators in targets\"\n\nIn order to generate metadata that\u0027s compatible with go-tuf 0.9,\nthe targets metadata still needs the leading slash. This reverts\nrewriting the targets, but preserves the `loadTargets` workaround\nso the transitional go-tuf can continue to parse 0.9 and 1.0 style\nmetadata.\n\nThis reverts commit 9d564c6f984962fe8e4f86568f6419efc8cbe091.\n\nChange-Id: Ib89e635a6961329589822089611ca47c627eb5fa\n" }, { "commit": "a9469e9c68ad9981ad6790bdd149efa818cbadc9", "tree": "2b17c282fc37c15e725f433fe24a76d68ca05ac9", "parents": [ "aaada75f005ec5326ab92de10290b5f1d16726ee" ], "author": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Tue Apr 09 20:54:43 2019 -0700" }, "committer": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Fri Apr 19 16:30:53 2019 -0700" }, "message": "Revert \"support both TUF 0.9 and 1.0 key ids\"\n\ngo-tuf G0 cannot parse multiple Key IDs, so this removes support for\nthem. Instead, an intermediate transition will need to be landed first\nthat won\u0027t error if multiple key ids are provided.\n\nThis reverts commit a135fd74de52698c6b098096d1f9e436cc177bb6.\n\nChange-Id: Id3ae4116d5ca8f78d565f3f38901b2a27b6d4a4b\n" }, { "commit": "aaada75f005ec5326ab92de10290b5f1d16726ee", "tree": "9208ba281abab7aa9ba545677d02c23e428edf46", "parents": [ "8e1f04e399f0892cae1d34a05d385ea201751311" ], "author": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Tue Apr 09 17:13:47 2019 -0700" }, "committer": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Fri Apr 19 16:27:17 2019 -0700" }, "message": "Partially Revert \"Repo LocalStore should not mix staged and committed metadata\"\n\nIt turns out I misunderstood the purpose of Repo, it is solely\nresponsible for creating, staging, and committing staged data.\nThe actual bug I was fixing was commits create the\nversioned/hashed-prefix files, and we weren\u0027t committing in\nall the places we needed to. By decoupling staged and committed\nmetadata, it broke the CLI tools from being able to read\nmetadata in between invocations.\n\nThis reverts commit ccf981beeae03896732aad4438d1074b991e9c3b\n\nTest: This adds a test to make sure we can always interact\nwith staged metadata with new repositories.\n\nChange-Id: I4f8933f2f13385a349441c78c874b388f5ffed96\n" }, { "commit": "8e1f04e399f0892cae1d34a05d385ea201751311", "tree": "93cfc80c0c7502d30201f8d58b1a30b741d2ac81", "parents": [ "74d6dab3b696a6d7f6e39d7085ec66f4fd8361a7" ], "author": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Thu Apr 11 21:38:58 2019 -0700" }, "committer": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Fri Apr 19 10:25:45 2019 -0700" }, "message": "Assert that this err is nil\n\nThe return value of Update in this test case is nil, so we should assert\nthat it\u0027s actually nil, and not some other unexpected error. This also\navoids an apparent code generation bug on fuchsia, that trips over a\nsegfault in the reflection library when it\u0027s trying to reflect the\ntype of a `var err error` when `err` is `nil`.\n\nChange-Id: I03eae3ba99de3cc4b27ad929991b755ffc484be7\n" }, { "commit": "74d6dab3b696a6d7f6e39d7085ec66f4fd8361a7", "tree": "514f2413457ca7a80e417845ab762d4bbdcf9bfa", "parents": [ "46b4b4fae093d90cdf35f20fd40b6635e4d9a682" ], "author": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Mon Apr 08 09:16:00 2019 -0700" }, "committer": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Fri Apr 19 10:25:45 2019 -0700" }, "message": "Add tests to for parsing TUF transitional metadata\n\nThis adds tests to verify that we can upgrade TUF with metadata\ngenerated with a few different stages of go-tuf:\n\n* go-tuf-transition-M0: metadata generated with the original\n go-tuf 0.9, and is compatible with go-tuf transitional and\n python-tuf 0.9.9.\n\n* go-tuf-transition-M1: TUF-0.9 compatible metadata that\n is still compatible with go-tuf 0.9, go-tuf transitional, and\n python-tuf 0.9.9. Changes:\n * It includes the field \"spec_version\"\n * there are no gaps between version numbers.\n\n* go-tuf-transition-M2: TUF-0.9 compatible metadata that\n is no longer compatible with go-tuf 0.9, but is still compatible\n with go-tuf transitional and python-tuf 0.9.9. Changes:\n * It adds \"keyid_hash_algorithms\" and \"scheme\" to keys in the\n root metadata.\n * It contains both TUF-0.9 and TUF-1.0 compatible keyids\n * It removes leading slashes from targets.\n\n* go-tuf-transition-M3: TUF-1.0 compatible metadata that is\n compatible with go-tuf transitional, go-tuf 1.0 and python-tuf\n 0.11.1. Changes:\n * Downcases the \"_type\" field.\n\n* go-tuf-transition-M4: TUF-1.0 compatible metadata that is\n compatible with go-tuf 1.0 and python-tuf. Changes:\n * Removes the TUF-0.9 compatible keyid.\n * Removes \"method\" from \"signatures\".\n\nEach test generates a series of repos to confirm that go-tuf can:\n\n* create an initial repo, and adds a test file \"0\"\n* revokes and regenerates the timestamp key, adds a test file \"1\".\n* purge the timestamp key to make sure the metadata isn\u0027t signed\n by the revoked key, and add test file \"2\"\n* revoke and regenerates the root key, and adds a test file \"3\"\n* purge the root key, and adds a test file \"4\"\n* adds a test file \"5\" to make sure the entire pipeline works.\n\nFinally, the tests that all files are accessible through each\nstep in the testing.\n\nChange-Id: I5af1c1137e99719e3833ad694e59aa4bcad854ea\n" }, { "commit": "46b4b4fae093d90cdf35f20fd40b6635e4d9a682", "tree": "cb44ebfa5c85af19f0bbaa953fb699ed72e8a98b", "parents": [ "d7c50df512b5d54382bb0ce08ff5fc208b11774b" ], "author": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Tue Apr 09 16:39:23 2019 -0700" }, "committer": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Tue Apr 09 20:46:17 2019 -0700" }, "message": "Read staged metadata from the staged dir\n\nChange-Id: I630cd3193f7c7267238b06ad948ef5e70da666ed\n" }, { "commit": "d7c50df512b5d54382bb0ce08ff5fc208b11774b", "tree": "4808f8cd1768860074ccd0f0b8aa9451916e0bc1", "parents": [ "9306bbf8a0bf6fc547d9ed78e07e0a081ff216ab" ], "author": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Mon Apr 08 21:11:03 2019 -0700" }, "committer": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Mon Apr 08 21:25:54 2019 -0700" }, "message": "Ignore unknown keyids\n\nDuring the upgrade to TUF-1.0, we will have two sets of keyids\nto correspond to the TUF-0.9 and TUF-1.0 metadata. This patch\nsimply ignores unknown metadata.\n\nChange-Id: Ic36dc02b76528484bed9d071bf8f4d9a09f49f6f\n" }, { "commit": "9306bbf8a0bf6fc547d9ed78e07e0a081ff216ab", "tree": "e0fd86108f5ffcff40f012f6ee3dab8919e304d7", "parents": [ "7128c3e011adca3004c5e26e7f637b495e76dd1e" ], "author": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Fri Apr 05 08:49:58 2019 -0700" }, "committer": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Mon Apr 08 11:08:34 2019 -0700" }, "message": "Support downloading versioned metadata\n\nTUF-1.0 now version-prefixes to the filename of all the consistent\nsnapshot metadata f, which differs from TUf-0.9, which hash-prefixes\nthese filenames. This patch changes the download to first attempt\nto download the version-prefixed metadata, and support falling back to\ndownloading the hash-prefixed metadata if the version-prefixed\nfile doesn\u0027t exist, or we don\u0027t know the version to download.\nThat can happen if we\u0027re dealing with a TUF-0.9 snapshot,\nwhich might not contain the target metadata version numbers.\n\nChange-Id: If3202c617c6dfba1d7717dcae6f4ed4d1c0ca494\n" }, { "commit": "7128c3e011adca3004c5e26e7f637b495e76dd1e", "tree": "b72d85365f090637c68032a8d99c2a196d0b08f9", "parents": [ "b1c6af0027c20cd4e627d4953e7a5d3cea4df5b0" ], "author": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Thu Apr 04 20:12:49 2019 -0700" }, "committer": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Mon Apr 08 11:08:34 2019 -0700" }, "message": "Lift verify.Unmarshal* into methods\n\nChange-Id: I56a26e05188c39f3d90f37c20234eff294d8f89c\n" }, { "commit": "b1c6af0027c20cd4e627d4953e7a5d3cea4df5b0", "tree": "c1191ad63cb4ed61912a06cf8689a5af6b925db9", "parents": [ "cda3e1438d748e9d054e4f369dc59721fb1bbc3f" ], "author": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Fri Apr 05 08:44:12 2019 -0700" }, "committer": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Fri Apr 05 09:50:36 2019 -0700" }, "message": "Snapshot length and hashes fields are optional in TUF-1.0\n\nTUF-1.0 in section 4.4.4 no longer requires the `length` and\n`hashes` fields to be present on the metadata contained in the\nsnapshot role. This patch makes those fields optional by\nonly using them for equality if they are listed in the\n`expected` object.\n\nChange-Id: I42b9a26fb9b1c5115cd0005a3c489c97f7eb328e\n" }, { "commit": "cda3e1438d748e9d054e4f369dc59721fb1bbc3f", "tree": "d3e8b248fbe8b9e977a819edae415e2d5700cfab", "parents": [ "1b5ffa5a51463d7d51d4fc6bf60a7eda390e473c" ], "author": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Thu Apr 04 21:51:20 2019 -0700" }, "committer": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Thu Apr 04 21:52:57 2019 -0700" }, "message": "Generate versioned metadata\n\nWhen consistent snapshots is enabled in TUF-1.0, all metadata\nbut the timestamp role needs to generate versioned prefixed\nfilenames, like \u003cversion\u003e.targets.json. This is opposed to\nTUF-0.9, which prefixes the file hash to the filename. This\npatch extends the repo.go to generate these versioned files\nwhile continuing to generate the TUF-0.9 hashed files for\nbackwards compatibility.\n\nChange-Id: I3ad622dc934ba3052a681a66d0cb76db26e77495\n" }, { "commit": "1b5ffa5a51463d7d51d4fc6bf60a7eda390e473c", "tree": "6d3bd2b92a0ecd93d40c8a64258303957ae3f340", "parents": [ "94ab19e67b675c7235a518818f03d97b6ef2537e" ], "author": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Thu Apr 04 12:16:21 2019 -0700" }, "committer": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Thu Apr 04 21:52:54 2019 -0700" }, "message": "local_store.memoryStore should store hashed data\n\nThis fixes the local_store.memoryStore to prefix hashes\nto metadata paths when consistent snapshots are enabled.\n\nAlso, this fixes a bug in the client tampering tests,\nwhich has consistentSnapshot\u003dfalse, but it was committing\nthe tampered metadata with consistentSnapshot\u003dtrue. Now\nthat local_store prefixes filenames when consistentSnapshot\nis true, this test wasn\u0027t able to to find the metadata.\nSwitching to consistentSnapshot\u003dfalse fixes the tests.\n\nChange-Id: Ifdc40ffa6bcaab5009b405ba653671235ff35965\n" }, { "commit": "94ab19e67b675c7235a518818f03d97b6ef2537e", "tree": "290e92308a7fcdc7057f1f7a4031774238530bbe", "parents": [ "5e9171b34b2af8850dd7e6a172ee29c21e3a1c21" ], "author": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Thu Apr 04 21:28:30 2019 -0700" }, "committer": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Thu Apr 04 21:36:55 2019 -0700" }, "message": "Tests should commit befoe syncing to remote stores\n\nNow that the repository clearly delinates between staged and\ncommitted metadata, we need to make sure that tests commit\nthe repository before we copy local test data to the remote\nrepository.\n\nChange-Id: Iae74b949df69ae5dbc63e018a5e69210c3da51b3\n" }, { "commit": "5e9171b34b2af8850dd7e6a172ee29c21e3a1c21", "tree": "fe0fcb3b5801322b6eac71e9f426b7be85195b9e", "parents": [ "696dba4861f2a4f774cdbf79bb5167f6cada3dff" ], "author": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Thu Apr 04 20:09:37 2019 -0700" }, "committer": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Thu Apr 04 20:21:07 2019 -0700" }, "message": "Add spec_version to the metadata\n\nTUF-1.0 adds a `spec_version` field to represent the current version of\nthe TUF spec this metadata supports. This patch extracts out this change\nfrom the TUF-1.0 to slim it down for review. Because as of this patch\ngo-tuf still supports the 0.9 workflow, I used \"0.9\" for the version.\nThis will be switched to 1.0 once the 1.0 workflow is implemented.\n\nChange-Id: I4b256a172a9de9c40abc484d9f290e82d5bbb975\n" }, { "commit": "696dba4861f2a4f774cdbf79bb5167f6cada3dff", "tree": "466d7eccf1de7c5e6426c5bfd29c22ade4d0988c", "parents": [ "9d564c6f984962fe8e4f86568f6419efc8cbe091" ], "author": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Wed Mar 27 21:01:49 2019 -0700" }, "committer": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Thu Apr 04 09:43:35 2019 -0700" }, "message": "Use different limits for metadata downloads\n\nThis uses the same limits that python-tuf uses by default\nto protect against large downloads. This should eventually\nbe controlled by the client.\n\nChange-Id: Ie16b0ebd7cc6936e041a909b5d607c8c26cd9a08\n" }, { "commit": "9d564c6f984962fe8e4f86568f6419efc8cbe091", "tree": "f88dc401fca0a60f4d8daeb936201f6846290633", "parents": [ "a135fd74de52698c6b098096d1f9e436cc177bb6" ], "author": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Thu Apr 04 09:40:43 2019 -0700" }, "committer": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Thu Apr 04 09:43:30 2019 -0700" }, "message": "Remove support for leading path separators in targets\n\nTUF 1.0 is considering banning leading path separators, because\nof poor behavior constructing paths across targets and delegates\non local filesystems for certain libraries, like python, where\n`os.path.join(\"/foo\", \"/bar\")` just returns \"/bar\". This patch\nmigrates go-tuf to using and generating metadata without that\nleading separator. However, it temporarily enables consuming\nmetadata with separators to enable a rolling upgrade to 1.0.\n\nChange-Id: I88a3a79f4d6f84a1521c7789c208e0bf00b08366\n" }, { "commit": "a135fd74de52698c6b098096d1f9e436cc177bb6", "tree": "e3cadc8f23c6a48f421ad6f2a24c3cd2d20db335", "parents": [ "33b49cabdedcfbe1adffe7e5813f78a629404fc9" ], "author": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Sun Mar 31 20:41:04 2019 -0700" }, "committer": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Thu Apr 04 09:39:54 2019 -0700" }, "message": "support both TUF 0.9 and 1.0 key ids\n\nThis extends go-tuf to return both the TUF-0.9 style key ids\n(which contain the key type and the key value), and the TUF-1.0\nkey ids (which also contains the signing sheme). This results\nin doubling the key ids in metadata, and doubling the number of\nsignatures signing the metadata. The signed metadata just reuses\nthe signature for both key ids, because hasn\u0027t changed.\n\nChange-Id: I8b64dc4c3d0222578340530de7721aa855311f42\n" }, { "commit": "33b49cabdedcfbe1adffe7e5813f78a629404fc9", "tree": "d6b02653acf2f5275ec8699aa638d43323d06843", "parents": [ "e2c56d065a8e199c4b1e0674940481ef94a2aabf" ], "author": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Thu Mar 28 21:52:31 2019 -0700" }, "committer": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Thu Apr 04 09:38:29 2019 -0700" }, "message": "Support multiple key ids for keys\n\nThe TUF standard allows for keys to have multiple key ids, such\nas if we wanted to support key ids being generated with sha256\nand sha512. For our case, we wan to to be able to support both\nthe TUF 0.9-style key generation (which only includes the key\ntype and actual value), and the 1.0-style (which also mixes in\nthe signing scheme into the key id) at the same time.\n\nChange-Id: I923a92fff490cbdc0f64600c3871512b34f05f04\n" }, { "commit": "e2c56d065a8e199c4b1e0674940481ef94a2aabf", "tree": "231715bbe8f115177a0be028237d4606f643f772", "parents": [ "723a5c8bde9e391fa8a91421526c96cb7a6e37dc" ], "author": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Tue Mar 19 20:25:51 2019 -0700" }, "committer": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Tue Apr 02 09:43:12 2019 -0700" }, "message": "Generate python-tuf 0.11.1 test metadata\n\nThis patch generates test metadata with python-tuf 0.11.1, which is\ncompatible with TUF 1.0. This will be used to eventually verify that\ngo-tuf is compatible with TUF 1.0.\n\nChange-Id: If27176afd7b070adcfe7c15961a45a339b20a493\n" }, { "commit": "723a5c8bde9e391fa8a91421526c96cb7a6e37dc", "tree": "d3f4fd8e940f1960d0c2e494dd41de494a8d05be", "parents": [ "ccf981beeae03896732aad4438d1074b991e9c3b" ], "author": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Sat Mar 23 10:00:10 2019 -0700" }, "committer": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Tue Apr 02 09:41:03 2019 -0700" }, "message": "Move python testdata into python-tuf-v0.9.9\n\nThis moves the python-tuf test metadata into a new namespaced directory,\nin order to avoid collisions with python-tuf v0.11.1 test metadata,\nwhich will be coming in a separate patch.\n\nChange-Id: Ic71d558a698f8f122d42b6f05874a0c37e7cb94c\n" }, { "commit": "ccf981beeae03896732aad4438d1074b991e9c3b", "tree": "a99bfefc4a409fad2dc0b595140f0e78441534da", "parents": [ "1157b712b0e1eeccbbf9d50265a320ab049871c8" ], "author": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Tue Mar 26 21:58:23 2019 -0700" }, "committer": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Tue Apr 02 09:35:15 2019 -0700" }, "message": "Repo LocalStore should not mix staged and committed metadata\n\nThe Repo struct is responsible for updating TUF metadata on\nthe local system. It implements a staging model, where multiple\nmetadata changes can be staged before comitting to the actual\nrepository. This is to support the ability to use keys on isolated\nmachines to sign the metadata.\n\nUnfortunately the LocalStore implementation mixed together the\nGetMeta method to return both committed and staged metadata,\nwhich resulted in tests getting confused about treating staged\nmetadata as being committed, without actually committing the\nmetadata. This patch changes this behavior in order to have\nseparate APIs to read staged metadata when it is actually needed.\n\nChange-Id: Ic443f5b90963158fa569d2a40479f59cd7eea11a\n" }, { "commit": "1157b712b0e1eeccbbf9d50265a320ab049871c8", "tree": "0fcf0a3bfcb16964a3b97ccb08104e6fec024e90", "parents": [ "ee89ec2ec3f8440a1c0420d62cde3eeb729abb50" ], "author": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Tue Mar 26 21:40:55 2019 -0700" }, "committer": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Tue Apr 02 09:20:24 2019 -0700" }, "message": "Remove unused meta argument from LocalStore.Commit\n\nChange-Id: I084ad1cd5b98ebf04bc3dd1bd0679b78c188d9e6\n" }, { "commit": "ee89ec2ec3f8440a1c0420d62cde3eeb729abb50", "tree": "1e1a9354d33bf1f7205e0242e8d2c5b17ef71f60", "parents": [ "9b9e07ae4ea4cd4fe9bd2ed86592ebe484e6c604" ], "author": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Fri Mar 22 21:18:54 2019 -0700" }, "committer": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Tue Apr 02 09:16:30 2019 -0700" }, "message": "Use metadata-specific FileMeta\n\nIn TUF 1.0, each of the metadata roles have different rules for what\nneeds to be in the metadata:\n\n* timestamp - version, optional length and hashes\n* snapshot - version, optional length, and required hashes for delegated\n roles\n* targets - hashes, length\n\nTo make this easier to track in go-tuf, this creates a unique file for\neach role in order to ease implementing these different cases, and to\nlet the type system protect against checking using the wrong test to\nverify if some download is correct.\n\nChange-Id: I944467694e0dc13edee4b64c46dc72ac38295fae\n" }, { "commit": "9b9e07ae4ea4cd4fe9bd2ed86592ebe484e6c604", "tree": "a4580ab663afe9d2c165e94ef0a2490c878c92c7", "parents": [ "998f2ab38bb1bd469613ca31c4bf51429496c930" ], "author": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Tue Mar 26 17:55:16 2019 -0700" }, "committer": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Tue Apr 02 08:22:13 2019 -0700" }, "message": "Only increment metadata version once\n\nTUF 1.0 requires that the root data must always increase,\nand cannot skip numbers. This change makes sure that we only\nincrement numbers once until we commit.\n\nChange-Id: I3fa54ea0b958e41d91c0a14f8a94febe5548a78c\n" }, { "commit": "998f2ab38bb1bd469613ca31c4bf51429496c930", "tree": "249ab7ecb92fcf0cfa99c204359aba0c169ec2c4", "parents": [ "caea8e2898161da08ffc580e148a67f1a0307e28" ], "author": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Thu Mar 21 08:22:09 2019 -0700" }, "committer": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Tue Apr 02 08:17:00 2019 -0700" }, "message": "include role name in ErrUnknownRole\n\nChange-Id: Iff184e98ce6335ef41b0e9c08547a9cc842f0afb\n" }, { "commit": "caea8e2898161da08ffc580e148a67f1a0307e28", "tree": "8faed378fcce8fc3339618df5d2b28caefdb22e9", "parents": [ "9bb6804526991bffca3b19d65c610a747df6e60a" ], "author": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Fri Mar 22 20:26:33 2019 -0700" }, "committer": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Tue Apr 02 08:07:17 2019 -0700" }, "message": "Fix checking if metadata version number is correct\n\nIn TUF 1.0, the snapshot and timestamp metadata only requires that it\ncontains the version number of the target files. To be backwards\ncompatible, I added support to generate these files that includes the\nversion number, but the logic to confirm if version matched was\nincorrect.\n\nIt assumed that the version number was in the snapshot/timestamp\nmetadata, and could error out if the snapshot/timestamp was generated by\nan older go-tuf that didn\u0027t insert the version numbers. This patch\nchanges the check to only verify versions if the version number is\npresent in the snapshot/timestamp. It also includes a number of tests to\nmake sure the logic is correct.\n\nChange-Id: I97e5f5cdf847e3326027d58c7a191c033e70050b\n" }, { "commit": "9bb6804526991bffca3b19d65c610a747df6e60a", "tree": "8ec75026a4688940ad780f0382464860769d52e4", "parents": [ "f3f025e1f70ddd4e5dba9b94fc369a3ccc108534" ], "author": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Fri Mar 22 13:39:58 2019 -0700" }, "committer": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Tue Apr 02 08:04:46 2019 -0700" }, "message": "Extend ErrWrongLength with actual lengths\n\nThis extends util.ErrWrongLength to include the expected and actual\nlengths. This was done to enable tests to verify the right sizes were\nbeing returned.\n\nChange-Id: I896239c2b90fe2772d60406db6f848ee7bbda9df\n" }, { "commit": "f3f025e1f70ddd4e5dba9b94fc369a3ccc108534", "tree": "f6c0b33c458a93bbd9429fe8faa67f1e1f8ca9c1", "parents": [ "19534056cdd8ada546b930c7a6582d39dfec616b" ], "author": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Sun Mar 24 14:28:10 2019 -0700" }, "committer": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Sun Mar 24 14:28:10 2019 -0700" }, "message": "Use gofmt to simplify the code\n\nChange-Id: I228d7335a6914dc9e90f6fdcc52e286893bddd70\n" }, { "commit": "19534056cdd8ada546b930c7a6582d39dfec616b", "tree": "1ed348392ecc565e2c453688122bc5fdb0b77062", "parents": [ "0ffe89ecb946fffff851ee01c968d0d8c12a7943" ], "author": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Thu Feb 28 10:39:55 2019 -0800" }, "committer": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Thu Feb 28 21:28:43 2019 -0800" }, "message": "update go-tuf to store metadata version numbers in snapshots and timestamps\n\nIn the latest 1.0 draft version of TUF, the \"meta\" object in\nsnapshot.json and timestamp.json contain a version number,\nin addition to the hash of the objects. Adding this is one step\ntowards getting go-tuf compatible with other 1.0 draft compatible\nclients.\n\nTest: Manually ran go-tuf\u0027s unit tests and they passed\nBug: PKG-450 #done\nChange-Id: I206928c9a6ac87b6b51a82b68083d7746d6854cd\n" }, { "commit": "0ffe89ecb946fffff851ee01c968d0d8c12a7943", "tree": "0a4ed4ed14cc356eff225228a620aaa1811331ad", "parents": [ "18c41c82ff2cbcd22d24b4c96e3d25e3863ce53f" ], "author": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Thu Feb 28 14:02:12 2019 -0800" }, "committer": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Thu Feb 28 14:03:32 2019 -0800" }, "message": "Fix references to FileLocalStore to get tests to pass\n\nThis fixes some references to FileLocalStore in order\nto get `go test ./...` to fully pass.\n\nChange-Id: I0a1558da580f86751cd6fe69ebc24b7baf7ffc6a\n" }, { "commit": "18c41c82ff2cbcd22d24b4c96e3d25e3863ce53f", "tree": "64f19843568c51d86e414bfe403a4899121029ec", "parents": [ "17fe7131b429f3f6144c0ee91f2f0c4cebc779ca" ], "author": { "name": "James Tucker", "email": "raggi@google.com", "time": "Sun Aug 05 13:11:41 2018 -0700" }, "committer": { "name": "James Tucker", "email": "raggi@google.com", "time": "Sun Aug 05 13:11:41 2018 -0700" }, "message": "[local_store] make the leveldb store a package\n\nWe don\u0027t want to compile in leveldb and snappy in some cases, so this is\nmoved to it\u0027s own package. We can likely remove it later.\n\nChange-Id: I6415ec8667d6f704ae28fa3132d543885f179f2c\n" }, { "commit": "17fe7131b429f3f6144c0ee91f2f0c4cebc779ca", "tree": "8b39b35d97c3be11154b900c8aac32f1b45a01be", "parents": [ "9a90537f4958d10dcaabf34fb85628274e7de328" ], "author": { "name": "Justin Mattson", "email": "jmatt@google.com", "time": "Mon May 07 10:51:01 2018 -0700" }, "committer": { "name": "Justin Mattson", "email": "jmatt@google.com", "time": "Fri May 25 21:10:50 2018 +0000" }, "message": "Add API to get/set metadata versions\n\nThis allows for greater control over versioning of the repo.\n\nChange-Id: I163230ab14816c31b2d86c8b2705f9bdbf124bec\n" }, { "commit": "9a90537f4958d10dcaabf34fb85628274e7de328", "tree": "6d66f738d86e79b0db2958ff53895dec913aaf57", "parents": [ "ccc55922bf6167995aabc750be433b9f408fd572" ], "author": { "name": "Justin Mattson", "email": "jmatt@google.com", "time": "Mon May 21 15:54:40 2018 -0700" }, "committer": { "name": "Justin Mattson", "email": "jmatt@google.com", "time": "Mon May 21 16:01:07 2018 -0700" }, "message": "Allow HTTP Client to be supplied\n\nThis will allow for more customized behavior than is currently\navailable.\n\nChange-Id: I45e1bfe66469148c5bd6d228af0a7002d8f048a4\n" }, { "commit": "ccc55922bf6167995aabc750be433b9f408fd572", "tree": "519c17511d9e29b5170d5006c03dbda2a8264189", "parents": [ "b5a4a00144c4dde89427b58893bedc6b53e662b1" ], "author": { "name": "Justin Mattson", "email": "jmatt@google.com", "time": "Wed May 31 11:24:46 2017 -0700" }, "committer": { "name": "Justin Mattson", "email": "jmatt@google.com", "time": "Wed May 31 11:24:46 2017 -0700" }, "message": "Try the empty password\n\nChange-Id: Ic4b6fb9237ccf30c2dd9161a137bdd3c8919e6be\n" }, { "commit": "b5a4a00144c4dde89427b58893bedc6b53e662b1", "tree": "239cfae0172571cb30fd7695c702b87f13501503", "parents": [ "a98aea1463c972506e302344ebbfa30f85b74f2f" ], "author": { "name": "Justin Mattson", "email": "jmatt@google.com", "time": "Fri May 26 17:25:07 2017 -0700" }, "committer": { "name": "Justin Mattson", "email": "jmatt@google.com", "time": "Tue May 30 11:28:19 2017 -0700" }, "message": "Switch from boltdb to leveldb\n\nThe functionality is similar, but leveldb does not require mmap\nwhich Fuchsia doesn\u0027t currently support.\n\nAlso remove dependency on the Docker term package because Fuchsia\nthis relies on Termios which we don\u0027t want to port now, if ever.\n\n(This is mostly a re-apply of https://fuchsia.googlesource.com/amber/+/53b44641b4e62c183fb54a65253d885affb714da)\n\nChange-Id: I0a6e4bd433b2ba36626b72bbbcd6ead05f7c5343\n" }, { "commit": "a98aea1463c972506e302344ebbfa30f85b74f2f", "tree": "622b14c5034e0af4136a6288f238699920fb61aa", "parents": [ "0d42b7c36a69aa39943423a287fbc9f195eb2f30" ], "author": { "name": "Lewis Marshall", "email": "lewis@lmars.net", "time": "Sun Jan 08 03:03:16 2017 +0000" }, "committer": { "name": "Lewis Marshall", "email": "lewis@lmars.net", "time": "Sun Jan 08 03:57:50 2017 +0000" }, "message": "repo: Add Repo.Targets\n\nSigned-off-by: Lewis Marshall \u003clewis@lmars.net\u003e\n" }, { "commit": "0d42b7c36a69aa39943423a287fbc9f195eb2f30", "tree": "fb2c28d9695b2455f46c766a229fd626616fdfed", "parents": [ "0b3fbb93809a73112cebedbdb18b13b78dde4825", "3a660d84e9e1ed80258a4af78ba5245da148ffab" ], "author": { "name": "Lewis Marshall", "email": "lewis@lmars.net", "time": "Sat Aug 27 21:08:22 2016 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Sat Aug 27 21:08:22 2016 +0100" }, "message": "Merge pull request #99 from flynn/server-error-retries\n\nSupport retrying HTTP requests for remote server errors" }, { "commit": "3a660d84e9e1ed80258a4af78ba5245da148ffab", "tree": "fb2c28d9695b2455f46c766a229fd626616fdfed", "parents": [ "0b3fbb93809a73112cebedbdb18b13b78dde4825" ], "author": { "name": "Lewis Marshall", "email": "lewis@lmars.net", "time": "Fri Aug 26 17:47:24 2016 +0100" }, "committer": { "name": "Lewis Marshall", "email": "lewis@lmars.net", "time": "Sat Aug 27 21:03:45 2016 +0100" }, "message": "Support retrying HTTP requests\n\nSigned-off-by: Lewis Marshall \u003clewis@lmars.net\u003e\n" }, { "commit": "0b3fbb93809a73112cebedbdb18b13b78dde4825", "tree": "3f4ca39b3a1d60a428805a9dab6eae7468326439", "parents": [ "f861e9c71b41eadddd79fde5ba499ce6fd7e609c", "596db52f15e802e10bc9b957c49e5ab3f1d06c9e" ], "author": { "name": "Jonathan Rudenberg", "email": "jonathan@titanous.com", "time": "Fri Aug 12 20:11:09 2016 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri Aug 12 20:11:09 2016 -0400" }, "message": "Merge pull request #98 from flynn/ecdsa\n\nECDSA verification support" }, { "commit": "596db52f15e802e10bc9b957c49e5ab3f1d06c9e", "tree": "3f4ca39b3a1d60a428805a9dab6eae7468326439", "parents": [ "9e8df3cd16409ab9f4fda05d59f931e70f1c98db" ], "author": { "name": "Jonathan Rudenberg", "email": "jonathan@titanous.com", "time": "Tue Aug 09 18:38:49 2016 -0400" }, "committer": { "name": "Jonathan Rudenberg", "email": "jonathan@titanous.com", "time": "Fri Aug 12 14:59:20 2016 -0400" }, "message": "verify: Add support for ecdsa-sha2-p256 signatures\n\nSigned-off-by: Jonathan Rudenberg \u003cjonathan@titanous.com\u003e" }, { "commit": "9e8df3cd16409ab9f4fda05d59f931e70f1c98db", "tree": "6df7a0288630a54c909ba28244c2373bdcd9cfc7", "parents": [ "f861e9c71b41eadddd79fde5ba499ce6fd7e609c" ], "author": { "name": "Jonathan Rudenberg", "email": "jonathan@titanous.com", "time": "Tue Aug 09 18:19:55 2016 -0400" }, "committer": { "name": "Jonathan Rudenberg", "email": "jonathan@titanous.com", "time": "Fri Aug 12 14:59:19 2016 -0400" }, "message": "verify: Don\u0027t assume signature method, use key type\n\nIt is unsafe to use the signature method field, as it could result\nin a key confusion attack. Use the key type instead.\n\nAlso, don\u0027t assume that we\u0027re only working with Ed25519.\n\nSigned-off-by: Jonathan Rudenberg \u003cjonathan@titanous.com\u003e\n" }, { "commit": "f861e9c71b41eadddd79fde5ba499ce6fd7e609c", "tree": "6d41b5f52c55697d8c418195c8dba22731663a82", "parents": [ "d65801fc7514ab264903db1fbef9e1b84a569886", "7b6ea79472b5f43083716dfc0adc8ce05d31405e" ], "author": { "name": "Jonathan Rudenberg", "email": "jonathan@titanous.com", "time": "Fri Aug 12 14:58:49 2016 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri Aug 12 14:58:49 2016 -0400" }, "message": "Merge pull request #97 from flynn/split-sign-verify\n\nSplit sign and verify packages" }, { "commit": "7b6ea79472b5f43083716dfc0adc8ce05d31405e", "tree": "6d41b5f52c55697d8c418195c8dba22731663a82", "parents": [ "851dc5c82fe71db988917b629759bc1856c4fc8f" ], "author": { "name": "Jonathan Rudenberg", "email": "jonathan@titanous.com", "time": "Tue Aug 09 15:58:46 2016 -0400" }, "committer": { "name": "Jonathan Rudenberg", "email": "jonathan@titanous.com", "time": "Fri Aug 12 14:36:05 2016 -0400" }, "message": "Split signed package into sign and verify packages\n\n- Merge key database package keys into package verify\n- Use Verifiers to check key validity instead of hard-coding\n Ed25519.\n\nSigned-off-by: Jonathan Rudenberg \u003cjonathan@titanous.com\u003e" }, { "commit": "851dc5c82fe71db988917b629759bc1856c4fc8f", "tree": "78f7a027acc41b27e456386a5e3757cf84e1965c", "parents": [ "d65801fc7514ab264903db1fbef9e1b84a569886" ], "author": { "name": "Jonathan Rudenberg", "email": "jonathan@titanous.com", "time": "Tue Aug 09 15:20:04 2016 -0400" }, "committer": { "name": "Jonathan Rudenberg", "email": "jonathan@titanous.com", "time": "Fri Aug 12 14:35:39 2016 -0400" }, "message": "Move public key validation logic to signed package\n\nSigned-off-by: Jonathan Rudenberg \u003cjonathan@titanous.com\u003e" }, { "commit": "d65801fc7514ab264903db1fbef9e1b84a569886", "tree": "4eaec50844fa68332dd23d625a85991e08326302", "parents": [ "82ed8591c2f9fa5170479d252ac4d81be49c6496", "47aba77be4b91ee08cc61bc0ae1a640e9903f76f" ], "author": { "name": "Jonathan Rudenberg", "email": "jonathan@titanous.com", "time": "Fri Aug 12 14:34:18 2016 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri Aug 12 14:34:18 2016 -0400" }, "message": "Merge pull request #96 from flynn/refactor-keys\n\nRefactor key handling" }, { "commit": "47aba77be4b91ee08cc61bc0ae1a640e9903f76f", "tree": "4eaec50844fa68332dd23d625a85991e08326302", "parents": [ "5367c53f640ece77a908e3379ae4698c92db9857" ], "author": { "name": "Jonathan Rudenberg", "email": "jonathan@titanous.com", "time": "Tue Aug 09 14:40:55 2016 -0400" }, "committer": { "name": "Jonathan Rudenberg", "email": "jonathan@titanous.com", "time": "Fri Aug 12 14:32:01 2016 -0400" }, "message": "Refactor key handling\n\n- Don\u0027t mix private and public key structs, use a separate struct\n for private keys.\n- Only store public keys in database used for signature\n verification.\n- Use crypto.Signer interface instead of providing private keys\n directly when signing.\n- Don\u0027t make as many assumptions about using Ed25519 keys\n everywhere.\n- Ignore unknown key types when populating the public key database.\n\nSigned-off-by: Jonathan Rudenberg \u003cjonathan@titanous.com\u003e\n" }, { "commit": "5367c53f640ece77a908e3379ae4698c92db9857", "tree": "c2269d091d08a82f3bce54a2469290f4c62f6e76", "parents": [ "4c690a99d06dda253763d8dae3cb01e0661edc20" ], "author": { "name": "Jonathan Rudenberg", "email": "jonathan@titanous.com", "time": "Mon Aug 08 15:15:05 2016 -0400" }, "committer": { "name": "Jonathan Rudenberg", "email": "jonathan@titanous.com", "time": "Tue Aug 09 14:40:13 2016 -0400" }, "message": "Use golang.org ed25519 package\n\nSigned-off-by: Jonathan Rudenberg \u003cjonathan@titanous.com\u003e" }, { "commit": "4c690a99d06dda253763d8dae3cb01e0661edc20", "tree": "43c584ca7c90b0803c06b6eac24b31c279fd91ec", "parents": [ "82ed8591c2f9fa5170479d252ac4d81be49c6496" ], "author": { "name": "Jonathan Rudenberg", "email": "jonathan@titanous.com", "time": "Mon Aug 08 14:46:24 2016 -0400" }, "committer": { "name": "Jonathan Rudenberg", "email": "jonathan@titanous.com", "time": "Mon Aug 08 15:11:54 2016 -0400" }, "message": "Remove unused RSA signature verifier\n\nSigned-off-by: Jonathan Rudenberg \u003cjonathan@titanous.com\u003e" }, { "commit": "82ed8591c2f9fa5170479d252ac4d81be49c6496", "tree": "fe82ae490f334e41094894623431fc5bddfbeb34", "parents": [ "0bb0dc9389665565aff2076752231214bb68a6c4", "8436e5cdafb92d8bc152302f73eebfd91161fb61" ], "author": { "name": "Jonathan Rudenberg", "email": "jonathan@titanous.com", "time": "Sat Jun 18 20:08:40 2016 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Sat Jun 18 20:08:40 2016 -0400" }, "message": "Merge pull request #95 from flynn/update-travis\n\nTest on Go 1.6" }, { "commit": "8436e5cdafb92d8bc152302f73eebfd91161fb61", "tree": "fe82ae490f334e41094894623431fc5bddfbeb34", "parents": [ "0bb0dc9389665565aff2076752231214bb68a6c4" ], "author": { "name": "Jonathan Rudenberg", "email": "jonathan@titanous.com", "time": "Sat Jun 18 12:31:53 2016 -0400" }, "committer": { "name": "Jonathan Rudenberg", "email": "jonathan@titanous.com", "time": "Sat Jun 18 12:33:44 2016 -0400" }, "message": "Test on Go 1.6\n\nSigned-off-by: Jonathan Rudenberg \u003cjonathan@titanous.com\u003e" }, { "commit": "0bb0dc9389665565aff2076752231214bb68a6c4", "tree": "3731c16eb07237bb2d61e04c2f7642c8665a82fe", "parents": [ "6093a53dc624b89fd1c03f6a729b9b0c81e92c07", "fe200399fb8be38c17614acc4c06481d0779c615" ], "author": { "name": "Jonathan Rudenberg", "email": "jonathan@titanous.com", "time": "Sat Jun 18 11:11:59 2016 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Sat Jun 18 11:11:59 2016 -0400" }, "message": "Merge pull request #94 from flynn/remove-godeps\n\nRemove Godeps" }, { "commit": "fe200399fb8be38c17614acc4c06481d0779c615", "tree": "3731c16eb07237bb2d61e04c2f7642c8665a82fe", "parents": [ "6093a53dc624b89fd1c03f6a729b9b0c81e92c07" ], "author": { "name": "Jonathan Rudenberg", "email": "jonathan@titanous.com", "time": "Sat Jun 18 11:05:59 2016 -0400" }, "committer": { "name": "Jonathan Rudenberg", "email": "jonathan@titanous.com", "time": "Sat Jun 18 11:05:59 2016 -0400" }, "message": "Remove Godeps\n\nNon-main packages should not use Godeps, all of our dependencies are quite\nstable, and the new vendoring system allows importers to control things\nproperly.\n\nSigned-off-by: Jonathan Rudenberg \u003cjonathan@titanous.com\u003e" }, { "commit": "6093a53dc624b89fd1c03f6a729b9b0c81e92c07", "tree": "b0ec3512df5d7bc6f0041934dd9e2b034e8f6bf6", "parents": [ "69ec51cc76d2b025e819174cb073c46f1629390e", "ada21154e9f96cdf1d02d096174344b53769d1f7" ], "author": { "name": "Lewis Marshall", "email": "lewis@lmars.net", "time": "Thu Feb 11 02:19:55 2016 +0000" }, "committer": { "name": "Lewis Marshall", "email": "lewis@lmars.net", "time": "Thu Feb 11 02:19:55 2016 +0000" }, "message": "Merge pull request #92 from flynn/fix-local-expired-root\n\nclient: Always initialize keys DB from local storage" }, { "commit": "ada21154e9f96cdf1d02d096174344b53769d1f7", "tree": "b0ec3512df5d7bc6f0041934dd9e2b034e8f6bf6", "parents": [ "69ec51cc76d2b025e819174cb073c46f1629390e" ], "author": { "name": "Lewis Marshall", "email": "lewis@lmars.net", "time": "Wed Feb 10 15:18:52 2016 +0000" }, "committer": { "name": "Lewis Marshall", "email": "lewis@lmars.net", "time": "Thu Feb 11 02:03:38 2016 +0000" }, "message": "client: Always initialize keys DB from local storage\n\nIf the local root is expired, an update will download the latest root\nfrom remote storage, and we need to be able to verify that new root with\nthe local keys.\n\nSigned-off-by: Lewis Marshall \u003clewis@lmars.net\u003e\n" }, { "commit": "69ec51cc76d2b025e819174cb073c46f1629390e", "tree": "afe89eb44a772e08afe292807a4d469adb091f12", "parents": [ "55659a6755feead819e16066d41a22b94f43ed1d", "79f965cf0317ac0f21de4518759efaca6d2e133f" ], "author": { "name": "Jonathan Rudenberg", "email": "jonathan@titanous.com", "time": "Tue Dec 01 15:22:54 2015 -0500" }, "committer": { "name": "Jonathan Rudenberg", "email": "jonathan@titanous.com", "time": "Tue Dec 01 15:22:54 2015 -0500" }, "message": "Merge pull request #90 from flynn/fix-bolt-values\n\nEnsure we copy boltdb values" }, { "commit": "79f965cf0317ac0f21de4518759efaca6d2e133f", "tree": "afe89eb44a772e08afe292807a4d469adb091f12", "parents": [ "55659a6755feead819e16066d41a22b94f43ed1d" ], "author": { "name": "Jonathan Rudenberg", "email": "jonathan@titanous.com", "time": "Tue Dec 01 13:36:41 2015 -0500" }, "committer": { "name": "Jonathan Rudenberg", "email": "jonathan@titanous.com", "time": "Tue Dec 01 13:36:41 2015 -0500" }, "message": "Ensure we copy boltdb values\n\nThese slices are backed by a mmap’ed memory area and can cause segfaults\nif not copied out.\n\nSigned-off-by: Jonathan Rudenberg \u003cjonathan@titanous.com\u003e" }, { "commit": "55659a6755feead819e16066d41a22b94f43ed1d", "tree": "d9c6e8e3dfdda7f246cb22a717c76df737471c02", "parents": [ "64b4add78d73e2fec5c40ef3a155bff3889275c1", "85b7d8200d32c3502e1aec8e692583d4981678c7" ], "author": { "name": "Lewis Marshall", "email": "lewis@lmars.net", "time": "Sun Jul 26 15:41:08 2015 +0100" }, "committer": { "name": "Lewis Marshall", "email": "lewis@lmars.net", "time": "Sun Jul 26 15:41:08 2015 +0100" }, "message": "Merge pull request #89 from flynn/dont-reset-custom-meta\n\nDon\u0027t reset custom metadata when not specified" }, { "commit": "85b7d8200d32c3502e1aec8e692583d4981678c7", "tree": "d9c6e8e3dfdda7f246cb22a717c76df737471c02", "parents": [ "64b4add78d73e2fec5c40ef3a155bff3889275c1" ], "author": { "name": "Lewis Marshall", "email": "lewis@lmars.net", "time": "Sun Jul 26 15:30:19 2015 +0100" }, "committer": { "name": "Lewis Marshall", "email": "lewis@lmars.net", "time": "Sun Jul 26 15:30:19 2015 +0100" }, "message": "Don\u0027t reset custom metadata when not specified\n\nIf I do the following:\n\n```\ntuf add --custom \u0027{\"foo\":\"bar\"}\u0027 foo.txt\ntuf add bar.txt\ntuf add\n```\n\nI expect foo.txt to keep the metadata I give it, but that doesn\u0027t\ncurrently happen as `tuf add` will set metadata of all staged files to\nnil.\n\nI have updated the logic to maintain custom metadata if the user hasn\u0027t\nspecified any.\n\nSigned-off-by: Lewis Marshall \u003clewis@lmars.net\u003e\n" }, { "commit": "64b4add78d73e2fec5c40ef3a155bff3889275c1", "tree": "5537335d003708ea73b7340e71b17feeae66a681", "parents": [ "9a681810d6b1c2034bfcc60797367a443f715c48", "8758c77132296af27782e7e425c248f5b031227f" ], "author": { "name": "Jonathan Rudenberg", "email": "jonathan@titanous.com", "time": "Wed May 13 10:55:50 2015 -0400" }, "committer": { "name": "Jonathan Rudenberg", "email": "jonathan@titanous.com", "time": "Wed May 13 10:55:50 2015 -0400" }, "message": "Merge pull request #84 from endophage/verifiers\n\nPluggable verifiers" }, { "commit": "9a681810d6b1c2034bfcc60797367a443f715c48", "tree": "320169b5ba2e6b2007574519bfc208688b1f87cd", "parents": [ "c7cf9ceb7a550e23c373338fa61136fc35e3b6a4", "6858e07c2e125af7069220fa800c894dd4697717" ], "author": { "name": "Jonathan Rudenberg", "email": "jonathan@titanous.com", "time": "Mon May 11 15:19:22 2015 -0400" }, "committer": { "name": "Jonathan Rudenberg", "email": "jonathan@titanous.com", "time": "Mon May 11 15:19:22 2015 -0400" }, "message": "Merge pull request #87 from vladimir-v-diaz/expires_flag\n\nMention the \u0027--expires\u0027 flag available to the \u0027tuf gen-key\u0027 command" }, { "commit": "6858e07c2e125af7069220fa800c894dd4697717", "tree": "320169b5ba2e6b2007574519bfc208688b1f87cd", "parents": [ "c7cf9ceb7a550e23c373338fa61136fc35e3b6a4" ], "author": { "name": "Vladimir Diaz", "email": "vladimir.v.diaz@gmail.com", "time": "Mon May 11 15:17:49 2015 -0400" }, "committer": { "name": "Vladimir Diaz", "email": "vladimir.v.diaz@gmail.com", "time": "Mon May 11 15:17:49 2015 -0400" }, "message": "Mention the \u0027--expires\u0027 flag available to the \u0027tuf gen-key\u0027 command\n\nSigned-off-by: Vladimir Diaz \u003cvladimir.v.diaz@gmail.com\u003e\n" }, { "commit": "8758c77132296af27782e7e425c248f5b031227f", "tree": "1a0064ac0720ce0d17b13f8c84e576c5517ae006", "parents": [ "c7cf9ceb7a550e23c373338fa61136fc35e3b6a4" ], "author": { "name": "David Lawrence", "email": "david.lawrence@docker.com", "time": "Wed May 06 13:30:25 2015 -0700" }, "committer": { "name": "David Lawrence", "email": "david.lawrence@docker.com", "time": "Mon May 11 09:32:58 2015 -0700" }, "message": "pluggable verifiers\nSigned-off-by: David Lawrence \u003cdavid.lawrence@docker.com\u003e (github: endophage)\n" }, { "commit": "c7cf9ceb7a550e23c373338fa61136fc35e3b6a4", "tree": "ea2232f9d24e599b0dcbc1be6955d2168a74ead7", "parents": [ "e4c2efd11520b484f303d193bbc13430a4c53f26", "6a3dc5bfd9658cbb18d630a52bb15648bdd19495" ], "author": { "name": "Jonathan Rudenberg", "email": "jonathan@titanous.com", "time": "Wed May 06 17:28:21 2015 -0400" }, "committer": { "name": "Jonathan Rudenberg", "email": "jonathan@titanous.com", "time": "Wed May 06 17:28:21 2015 -0400" }, "message": "Merge pull request #83 from flynn/contributing\n\nAdd CONTRIBUTING.md" }, { "commit": "6a3dc5bfd9658cbb18d630a52bb15648bdd19495", "tree": "ea2232f9d24e599b0dcbc1be6955d2168a74ead7", "parents": [ "e4c2efd11520b484f303d193bbc13430a4c53f26" ], "author": { "name": "Jonathan Rudenberg", "email": "jonathan@titanous.com", "time": "Wed May 06 14:40:37 2015 -0400" }, "committer": { "name": "Jonathan Rudenberg", "email": "jonathan@titanous.com", "time": "Wed May 06 17:28:13 2015 -0400" }, "message": "Add CONTRIBUTING.md\n\nSigned-off-by: Jonathan Rudenberg \u003cjonathan@titanous.com\u003e\n" }, { "commit": "e4c2efd11520b484f303d193bbc13430a4c53f26", "tree": "f24e12d9841f5fc96408aefac2e352e87e571769", "parents": [ "0fcbe8852b0923d478cd3d50519eafafc21616f3", "ae493bcc9f382acdafd4050f374d97aa57bdc21e" ], "author": { "name": "Jonathan Rudenberg", "email": "jonathan@titanous.com", "time": "Wed May 06 15:10:01 2015 -0400" }, "committer": { "name": "Jonathan Rudenberg", "email": "jonathan@titanous.com", "time": "Wed May 06 15:10:01 2015 -0400" }, "message": "Merge pull request #82 from endophage/flynnmaster\n\nsimpler NormalizeTargets" }, { "commit": "ae493bcc9f382acdafd4050f374d97aa57bdc21e", "tree": "f24e12d9841f5fc96408aefac2e352e87e571769", "parents": [ "0fcbe8852b0923d478cd3d50519eafafc21616f3" ], "author": { "name": "David Lawrence", "email": "david.lawrence@docker.com", "time": "Wed May 06 12:04:40 2015 -0700" }, "committer": { "name": "David Lawrence", "email": "david.lawrence@docker.com", "time": "Wed May 06 12:04:40 2015 -0700" }, "message": "path.Join(\"/\") does everything required in Normalize\nSigned-off-by: David Lawrence \u003cdavid.lawrence@docker.com\u003e (github: endophage)\n" }, { "commit": "0fcbe8852b0923d478cd3d50519eafafc21616f3", "tree": "d8ace39ef62723510c3c74177f4fab5737d0cfa2", "parents": [ "c7a634160b148092106181edebb3aec36f9795e1", "d5230c6d54fa56e288f3641f79a6947ce2ec272f" ], "author": { "name": "Lewis Marshall", "email": "lewis@lmars.net", "time": "Thu Mar 26 22:12:20 2015 +0000" }, "committer": { "name": "Lewis Marshall", "email": "lewis@lmars.net", "time": "Thu Mar 26 22:12:20 2015 +0000" }, "message": "Merge pull request #81 from flynn/prevent-clean-new-repo\n\nrepo: Prevent cleaning a new repository" }, { "commit": "d5230c6d54fa56e288f3641f79a6947ce2ec272f", "tree": "d8ace39ef62723510c3c74177f4fab5737d0cfa2", "parents": [ "c7a634160b148092106181edebb3aec36f9795e1" ], "author": { "name": "Lewis Marshall", "email": "lewis@lmars.net", "time": "Thu Mar 26 20:33:49 2015 +0000" }, "committer": { "name": "Lewis Marshall", "email": "lewis@lmars.net", "time": "Thu Mar 26 20:33:49 2015 +0000" }, "message": "repo: Prevent cleaning a new repository\n\nAfter creating keys in a new repository, repo.Clean would remove the\nstaged root.json, rendering the keys unusable.\n\nGiven Clean is only useful to reset the state to what is committed, it\nonly makes sense to call it when something has been committed already,\nso this change prevents cleaning a new repository.\n\nSigned-off-by: Lewis Marshall \u003clewis@lmars.net\u003e\n" } ], "next": "c7a634160b148092106181edebb3aec36f9795e1" }